#web

Plus: A mysterious hacking group’s secret client is exposed, Signal takes a swipe at Microsoft Recall, Russian hackers target security cameras to spy on aid to Ukraine, and more.

### Overview OpenFGA v1.8.0 to v1.8.12 ( openfga-0.2.16 <= Helm chart <= openfga-0.2.30, v1.8.0 <= docker <= v.1.8.12) are vulnerable to authorization bypass when certain Check and ListObject calls are executed. ### Am I Affected? If you are using OpenFGA v1.8.0 to v1.8.12, specifically under the following conditions, you are affected by this authorization bypass vulnerability: - Calling Check API or ListObjects with an [authorization model](https://openfga.dev/docs/concepts#what-is-an-authorization-model) that has a relationship directly assignable by both [type bound public access](https://openfga.dev/docs/concepts#what-is-type-bound-public-access) and [userset](https://openfga.dev/docs/modeling/building-blocks/usersets), and - There are check or list object queries with [contextual tuples](https://openfga.dev/docs/interacting/contextual-tuples) for the relationship that can be directly assignable by both [type bound public access](https://openfga.dev/docs/concepts#what-is-type-bou...

Uploaded SVG files could contain scripts and if rendered inline those scripts could run allowing XSS attacks.

A specially crafted URL may be constructed which can inject an XSS payload that is triggered by using some module actions.

Marked prior to version 0.3.17 is vulnerable to a Regular Expression Denial of Service (ReDoS) attack due to catastrophic backtracking in several regular expressions used for parsing HTML tags and markdown links. An attacker can exploit this vulnerability by providing specially crafted markdown input, such as deeply nested or repetitively structured brackets or tag attributes, which cause the parser to hang and lead to a Denial of Service.

A Chrome zero-day bug, CVE-2025-4664, exposes login tokens on Windows and Linux. Google has issued a fix, users should update immediately.

From zero-day exploits to large-scale bot attacks — the demand for a powerful, self-hosted, and user-friendly web application security solution has never been greater. SafeLine is currently the most starred open-source Web Application Firewall (WAF) on GitHub, with over 16.4K stars and a rapidly growing global user base. This walkthrough covers what SafeLine is, how it works, and why it’s

Talos analyzed six months of PowerShell network telemetry and found that rare domains are over three times more likely to be malicious compared to frequently contacted ones.

Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant Duo that could have allowed attackers to steal source code and inject untrusted HTML into its responses, which could then be used to direct victims to malicious websites. GitLab Duo is an artificial intelligence (AI)-powered coding assistant that enables users to write,

ABB Cylon Aspect BMS/BAS is vulnerable to a critical flaw in the AuthenticatedHttpServlet within its application server, enabling remote attackers to bypass authentication by setting the Host: 127.0.0.1 header. This deceives the server into processing requests as if they originate from localhost, granting unauthorized access to privileged operations. This bypass grants access to privileged functionality, including the DeplomentServlet, which is vulnerable to directory traversal. By leveraging this, an attacker can write arbitrary PHP files outside the intended directory scope. When combined, these issues allow remote attackers to upload a malicious PHP shell and execute system commands with the privileges of the web server, leading to full system compromise.